RubyGems - spree_api - Versions diffs - 3.0.10 → 3.1.0.rc1 - Mend

spree_api 3.0.10 → 3.1.0.rc1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (190) hide show

data/app/controllers/spree/api/orders_controller.rb DELETED Viewed

@@ -1,130 +0,0 @@
-module Spree
-  module Api
-    class OrdersController < Spree::Api::BaseController
-      skip_before_action :check_for_user_or_api_key, only: :apply_coupon_code
-      skip_before_action :authenticate_user, only: :apply_coupon_code
-      before_action :find_order, except: [:create, :mine, :current, :index, :update]
-      # Dynamically defines our stores checkout steps to ensure we check authorization on each step.
-      Spree::Order.checkout_steps.keys.each do |step|
-        define_method step do
-          find_order
-          authorize! :update, @order, params[:token]
-        end
-      end
-      def cancel
-        authorize! :update, @order, params[:token]
-        @order.cancel!
-        respond_with(@order, :default_template => :show)
-      end
-      def create
-        authorize! :create, Spree::Order
-        order_user = if @current_user_roles.include?('admin') && order_params[:user_id]
-          Spree.user_class.find(order_params[:user_id])
-        else
-          current_api_user
-        end
-        import_params = if @current_user_roles.include?("admin")
-          params[:order].present? ? params[:order].permit! : {}
-        else
-          order_params
-        end
-        @order = Spree::Core::Importer::Order.import(order_user, import_params)
-        respond_with(@order, default_template: :show, status: 201)
-      end
-      def empty
-        authorize! :update, @order, order_token
-        @order.empty!
-        render text: nil, status: 204
-      end
-      def index
-        authorize! :index, Order
-        @orders = Spree::Order.ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
-        respond_with(@orders)
-      end
-      def show
-        authorize! :show, @order, order_token
-        respond_with(@order)
-      end
-      def update
-        find_order(true)
-        authorize! :update, @order, order_token
-        if @order.contents.update_cart(order_params)
-          user_id = params[:order][:user_id]
-          if current_api_user.has_spree_role?('admin') && user_id
-            @order.associate_user!(Spree.user_class.find(user_id))
-          end
-          respond_with(@order, default_template: :show)
-        else
-          invalid_resource!(@order)
-        end
-      end
-      def current
-        @order = find_current_order
-        if @order
-          respond_with(@order, default_template: :show, locals: { root_object: @order })
-        else
-          head :no_content
-        end
-      end
-      def mine
-        if current_api_user.persisted?
-          @orders = current_api_user.orders.reverse_chronological.ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
-        else
-          render "spree/api/errors/unauthorized", status: :unauthorized
-        end
-      end
-      def apply_coupon_code
-        find_order
-        authorize! :update, @order, order_token
-        @order.coupon_code = params[:coupon_code]
-        @handler = Spree::PromotionHandler::Coupon.new(@order).apply
-        status = @handler.successful? ? 200 : 422
-        render "spree/api/promotions/handler", :status => status
-      end
-      private
-        def order_params
-          if params[:order]
-            normalize_params
-            params.require(:order).permit(permitted_order_attributes)
-          else
-            {}
-          end
-        end
-        def normalize_params
-          params[:order][:payments_attributes] = params[:order].delete(:payments) if params[:order][:payments]
-          params[:order][:shipments_attributes] = params[:order].delete(:shipments) if params[:order][:shipments]
-          params[:order][:line_items_attributes] = params[:order].delete(:line_items) if params[:order][:line_items]
-          params[:order][:ship_address_attributes] = params[:order].delete(:ship_address) if params[:order][:ship_address]
-          params[:order][:bill_address_attributes] = params[:order].delete(:bill_address) if params[:order][:bill_address]
-        end
-        def find_order(lock = false)
-          @order = Spree::Order.lock(lock).friendly.find(params[:id])
-        end
-        def find_current_order
-          current_api_user ? current_api_user.orders.incomplete.order(:created_at).last : nil
-        end
-        def order_id
-          super || params[:id]
-        end
-    end
-  end
-end

data/app/controllers/spree/api/payments_controller.rb DELETED Viewed

@@ -1,80 +0,0 @@
-module Spree
-  module Api
-    class PaymentsController < Spree::Api::BaseController
-      before_action :find_order
-      before_action :find_payment, only: [:update, :show, :authorize, :purchase, :capture, :void]
-      def index
-        @payments = @order.payments.ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
-        respond_with(@payments)
-      end
-      def new
-        @payment_methods = Spree::PaymentMethod.available
-        respond_with(@payment_methods)
-      end
-      def create
-        @payment = @order.payments.build(payment_params)
-        if @payment.save
-          respond_with(@payment, status: 201, default_template: :show)
-        else
-          invalid_resource!(@payment)
-        end
-      end
-      def update
-        authorize! params[:action], @payment
-        if !@payment.editable?
-          render 'update_forbidden', status: 403
-        elsif @payment.update_attributes(payment_params)
-          respond_with(@payment, default_template: :show)
-        else
-          invalid_resource!(@payment)
-        end
-      end
-      def show
-        respond_with(@payment)
-      end
-      def authorize
-        perform_payment_action(:authorize)
-      end
-      def capture
-        perform_payment_action(:capture)
-      end
-      def purchase
-        perform_payment_action(:purchase)
-      end
-      def void
-        perform_payment_action(:void_transaction)
-      end
-      private
-        def find_order
-          @order = Spree::Order.friendly.find(order_id)
-          authorize! :read, @order, order_token
-        end
-        def find_payment
-          @payment = @order.payments.friendly.find(params[:id])
-        end
-        def perform_payment_action(action, *args)
-          authorize! action, Spree::Payment
-          @payment.send("#{action}!", *args)
-          respond_with(@payment, default_template: :show)
-        end
-        def payment_params
-          params.require(:payment).permit(permitted_payment_attributes)
-        end
-    end
-  end
-end

data/app/controllers/spree/api/product_properties_controller.rb DELETED Viewed

@@ -1,72 +0,0 @@
-module Spree
-  module Api
-    class ProductPropertiesController < Spree::Api::BaseController
-      before_action :find_product
-      before_action :product_property, only: [:show, :update, :destroy]
-      def index
-        @product_properties = @product.product_properties.accessible_by(current_ability, :read).
-                              ransack(params[:q]).result.
-                              page(params[:page]).per(params[:per_page])
-        respond_with(@product_properties)
-      end
-      def show
-        respond_with(@product_property)
-      end
-      def new
-      end
-      def create
-        authorize! :create, Spree::ProductProperty
-        @product_property = @product.product_properties.new(product_property_params)
-        if @product_property.save
-          respond_with(@product_property, status: 201, default_template: :show)
-        else
-          invalid_resource!(@product_property)
-        end
-      end
-      def update
-        if @product_property
-          authorize! :update, @product_property
-          @product_property.update_attributes(product_property_params)
-          respond_with(@product_property, status: 200, default_template: :show)
-        else
-          invalid_resource!(@product_property)
-        end
-      end
-      def destroy
-        if @product_property
-          authorize! :destroy, @product_property
-          @product_property.destroy
-          respond_with(@product_property, status: 204)
-        else
-          invalid_resource!(@product_property)
-        end
-      end
-      private
-        def find_product
-          @product = super(params[:product_id])
-          authorize! :read, @product
-        end
-        def product_property
-          if @product
-            @product_property ||= @product.product_properties.find_by(id: params[:id])
-            @product_property ||= @product.product_properties.includes(:property).where(spree_properties: { name: params[:id] }).first
-            authorize! :read, @product_property
-          end
-        end
-        def product_property_params
-          params.require(:product_property).permit(permitted_product_properties_attributes)
-        end
-    end
-  end
-end

data/app/controllers/spree/api/products_controller.rb DELETED Viewed

@@ -1,124 +0,0 @@
-module Spree
-  module Api
-    class ProductsController < Spree::Api::BaseController
-      def index
-        if params[:ids]
-          @products = product_scope.where(id: params[:ids].split(",").flatten)
-        else
-          @products = product_scope.ransack(params[:q]).result
-        end
-        @products = @products.distinct.page(params[:page]).per(params[:per_page])
-        expires_in 15.minutes, :public => true
-        headers['Surrogate-Control'] = "max-age=#{15.minutes}"
-        respond_with(@products)
-      end
-      def show
-        @product = find_product(params[:id])
-        expires_in 15.minutes, :public => true
-        headers['Surrogate-Control'] = "max-age=#{15.minutes}"
-        headers['Surrogate-Key'] = "product_id=1"
-        respond_with(@product)
-      end
-      # Takes besides the products attributes either an array of variants or
-      # an array of option types.
-      #
-      # By submitting an array of variants the option types will be created
-      # using the *name* key in options hash. e.g
-      #
-      #   product: {
-      #     ...
-      #     variants: {
-      #       price: 19.99,
-      #       sku: "hey_you",
-      #       options: [
-      #         { name: "size", value: "small" },
-      #         { name: "color", value: "black" }
-      #       ]
-      #     }
-      #   }
-      #
-      # Or just pass in the option types hash:
-      #
-      #   product: {
-      #     ...
-      #     option_types: ['size', 'color']
-      #   }
-      #
-      # By passing the shipping category name you can fetch or create that
-      # shipping category on the fly. e.g.
-      #
-      #   product: {
-      #     ...
-      #     shipping_category: "Free Shipping Items"
-      #   }
-      #
-      def create
-        authorize! :create, Spree::Product
-        params[:product][:available_on] ||= Time.now
-        set_up_shipping_category
-        options = { variants_attrs: variants_params, options_attrs: option_types_params }
-        @product = Spree::Core::Importer::Product.new(nil, product_params, options).create
-        if @product.persisted?
-          respond_with(@product, :status => 201, :default_template => :show)
-        else
-          invalid_resource!(@product)
-        end
-      end
-      def update
-        @product = find_product(params[:id])
-        authorize! :update, @product
-        options = { variants_attrs: variants_params, options_attrs: option_types_params }
-        @product = Spree::Core::Importer::Product.new(@product, product_params, options).update
-        if @product.errors.empty?
-          respond_with(@product.reload, :status => 200, :default_template => :show)
-        else
-          invalid_resource!(@product)
-        end
-      end
-      def destroy
-        @product = find_product(params[:id])
-        authorize! :destroy, @product
-        @product.destroy
-        respond_with(@product, :status => 204)
-      end
-      private
-        def product_params
-          params.require(:product).permit(permitted_product_attributes)
-        end
-        def variants_params
-          variants_key = if params[:product].has_key? :variants
-            :variants
-          else
-            :variants_attributes
-          end
-          params.require(:product).permit(
-            variants_key => [permitted_variant_attributes, :id],
-          ).delete(variants_key) || []
-        end
-        def option_types_params
-          params[:product].fetch(:option_types, [])
-        end
-        def set_up_shipping_category
-          if shipping_category = params[:product].delete(:shipping_category)
-            id = Spree::ShippingCategory.find_or_create_by(name: shipping_category).id
-            params[:product][:shipping_category_id] = id
-          end
-        end
-    end
-  end
-end

data/app/controllers/spree/api/promotions_controller.rb DELETED Viewed

@@ -1,26 +0,0 @@
-module Spree
-  module Api
-    class PromotionsController < Spree::Api::BaseController
-      before_action :requires_admin
-      before_action :load_promotion
-      def show
-        if @promotion
-          respond_with(@promotion, default_template: :show)
-        else
-          raise ActiveRecord::RecordNotFound
-        end
-      end
-      private
-        def requires_admin
-          return if @current_user_roles.include?("admin")
-          unauthorized and return
-        end
-        def load_promotion
-          @promotion = Spree::Promotion.find_by_id(params[:id]) || Spree::Promotion.with_coupon_code(params[:id])
-        end
-    end
-  end
-end

data/app/controllers/spree/api/properties_controller.rb DELETED Viewed

@@ -1,70 +0,0 @@
-module Spree
-  module Api
-    class PropertiesController < Spree::Api::BaseController
-      before_action :find_property, only: [:show, :update, :destroy]
-      def index
-        @properties = Spree::Property.accessible_by(current_ability, :read)
-        if params[:ids]
-          @properties = @properties.where(id: params[:ids].split(",").flatten)
-        else
-          @properties = @properties.ransack(params[:q]).result
-        end
-        @properties = @properties.page(params[:page]).per(params[:per_page])
-        respond_with(@properties)
-      end
-      def show
-        respond_with(@property)
-      end
-      def new
-      end
-      def create
-        authorize! :create, Spree::Property
-        @property = Spree::Property.new(property_params)
-        if @property.save
-          respond_with(@property, status: 201, default_template: :show)
-        else
-          invalid_resource!(@property)
-        end
-      end
-      def update
-        if @property
-          authorize! :update, @property
-          @property.update_attributes(property_params)
-          respond_with(@property, status: 200, default_template: :show)
-        else
-          invalid_resource!(@property)
-        end
-      end
-      def destroy
-        if @property
-          authorize! :destroy, @property
-          @property.destroy
-          respond_with(@property, status: 204)
-        else
-          invalid_resource!(@property)
-        end
-      end
-      private
-        def find_property
-          @property = Spree::Property.accessible_by(current_ability, :read).find(params[:id])
-        rescue ActiveRecord::RecordNotFound
-          @property = Spree::Property.accessible_by(current_ability, :read).find_by!(name: params[:id])
-        end
-        def property_params
-          params.require(:property).permit(permitted_property_attributes)
-        end
-    end
-  end
-end